Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/beb200-e5d6-4696-ae25-debfcd9eb20e/1/2lzpTnWikk5WyPAHzu93iaXar3c.roa
File: 2lzpTnWikk5WyPAHzu93iaXar3c.roa (raw, json)
Hash identifier: HljhXM+lqmgD41OyNTeAyYHbVlBeWswT04btlhRf0Vs=
Subject key identifier: DA:5C:E9:4E:75:A2:92:4E:56:C8:F0:07:CE:EF:77:89:A5:DA:AF:77
Certificate issuer: /CN=485ddb678c4c0d0c488efd3b8367142189f3358a
Certificate serial: 0194228DD98EEDCC4AB3B6FE1A2973428844
Authority key identifier: 48:5D:DB:67:8C:4C:0D:0C:48:8E:FD:3B:83:67:14:21:89:F3:35:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SF3bZ4xMDQxIjv07g2cUIYnzNYo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/beb200-e5d6-4696-ae25-debfcd9eb20e/1/2lzpTnWikk5WyPAHzu93iaXar3c.roa
Signing time: Wed 01 Jan 2025 15:48:28 +0000
ROA not before: Wed 01 Jan 2025 15:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51500
IP address blocks: 109.235.12.0/23 maxlen: 23
109.235.12.0/24 maxlen: 24
109.235.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/beb200-e5d6-4696-ae25-debfcd9eb20e/1/SF3bZ4xMDQxIjv07g2cUIYnzNYo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/beb200-e5d6-4696-ae25-debfcd9eb20e/1/SF3bZ4xMDQxIjv07g2cUIYnzNYo.mft
rsync://rpki.ripe.net/repository/DEFAULT/SF3bZ4xMDQxIjv07g2cUIYnzNYo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:d9:8e:ed:cc:4a:b3:b6:fe:1a:29:73:42:88:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=485ddb678c4c0d0c488efd3b8367142189f3358a
Validity
Not Before: Jan 1 15:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=da5ce94e75a2924e56c8f007ceef7789a5daaf77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:5b:87:1f:fa:26:4e:a5:0d:a9:f3:6b:54:73:
92:f3:61:ad:a9:9c:7c:85:a0:3b:b5:26:2e:87:9b:
f7:8a:e4:a8:5e:18:ca:2e:f7:db:3d:bc:a6:58:d7:
8e:42:2a:30:98:56:86:44:d8:64:75:6f:fc:2a:f4:
08:ac:8f:96:49:58:4a:45:4f:09:26:e9:ef:02:68:
38:40:62:0e:45:99:b1:3d:05:53:04:7d:54:69:ee:
5e:02:63:17:d3:a6:c1:dd:a9:22:84:35:ea:81:6e:
83:8c:b3:cd:3c:c0:b1:59:6f:5e:b7:38:a8:d4:d2:
b5:c1:d3:21:95:fb:08:05:90:b8:a0:a8:da:93:0d:
d8:6b:52:1c:5c:5d:5c:1d:af:87:cb:4d:dd:22:f5:
44:46:ff:ef:09:2e:1f:22:08:64:70:67:02:5a:f2:
c0:3c:d7:f2:23:a1:0d:a7:75:2a:d0:f8:1e:21:11:
77:66:7f:e6:b1:0c:1e:fc:ea:1c:7e:a9:f1:f5:04:
5d:a8:42:3d:d4:11:8c:3f:5a:ad:5c:ec:3f:42:f3:
14:34:47:97:f4:d8:bc:03:69:aa:69:eb:43:67:0b:
0e:f4:af:f0:dd:7b:ed:12:05:37:c5:70:e4:32:9e:
18:fc:8f:aa:f0:3b:8e:a1:10:c2:d9:8a:7b:05:c6:
01:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:5C:E9:4E:75:A2:92:4E:56:C8:F0:07:CE:EF:77:89:A5:DA:AF:77
X509v3 Authority Key Identifier:
keyid:48:5D:DB:67:8C:4C:0D:0C:48:8E:FD:3B:83:67:14:21:89:F3:35:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SF3bZ4xMDQxIjv07g2cUIYnzNYo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/beb200-e5d6-4696-ae25-debfcd9eb20e/1/2lzpTnWikk5WyPAHzu93iaXar3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/beb200-e5d6-4696-ae25-debfcd9eb20e/1/SF3bZ4xMDQxIjv07g2cUIYnzNYo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.235.12.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:07:9a:47:0e:24:71:79:f1:19:c8:92:b5:ee:d9:3b:42:f9:
69:9f:7c:f3:a7:b2:b7:99:72:cb:56:d4:f8:ea:39:75:8f:93:
33:9e:cb:46:2d:4b:b9:93:5c:57:ca:e9:7f:0b:a4:fb:42:76:
c0:65:49:99:47:6c:e8:cb:fc:46:55:66:38:65:df:d0:1c:26:
96:80:40:c2:e9:c4:94:fe:a1:f2:31:ce:65:48:b4:20:e8:c5:
f8:af:77:d2:94:e1:b9:45:85:f4:2b:fc:f5:c3:9f:23:7d:c8:
b2:02:6c:1b:a3:d8:63:73:f7:09:05:07:c8:3c:f7:e1:14:54:
5f:a9:ae:42:25:06:fe:1a:1a:1e:7b:31:a4:b8:81:ce:5c:1c:
34:65:a9:d1:99:5c:df:af:04:7a:57:c0:04:e3:06:bd:c2:81:
3c:09:9b:5c:69:c8:9f:cf:97:d7:99:62:5e:94:22:19:50:28:
fa:ec:0e:88:d5:5e:00:dd:f7:0d:88:6c:de:bd:38:11:ad:d3:
0f:45:4c:87:bc:a0:64:72:f2:25:0d:6a:4b:18:e6:b6:1e:05:
e3:a4:18:43:f9:9c:aa:d3:8d:29:c7:d3:7a:ea:ba:26:29:0f:
31:4a:b0:d8:bd:d7:a9:5b:28:59:f9:97:71:a7:68:e0:97:ba:
b6:01:e2:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijdmO7cxKs7b+GilzQohEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NWRkYjY3OGM0YzBkMGM0ODhlZmQzYjgzNjcxNDIxODlm
MzM1OGEwHhcNMjUwMTAxMTU0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTVjZTk0ZTc1YTI5MjRlNTZjOGYwMDdjZWVmNzc4OWE1ZGFhZjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhluHH/omTqUNqfNrVHOS82GtqZx8
haA7tSYuh5v3iuSoXhjKLvfbPbymWNeOQiowmFaGRNhkdW/8KvQIrI+WSVhKRU8J
JunvAmg4QGIORZmxPQVTBH1Uae5eAmMX06bB3akihDXqgW6DjLPNPMCxWW9etzio
1NK1wdMhlfsIBZC4oKjakw3Ya1IcXF1cHa+Hy03dIvVERv/vCS4fIghkcGcCWvLA
PNfyI6ENp3Uq0PgeIRF3Zn/msQwe/Oocfqnx9QRdqEI91BGMP1qtXOw/QvMUNEeX
9Ni8A2mqaetDZwsO9K/w3XvtEgU3xXDkMp4Y/I+q8DuOoRDC2Yp7BcYBhwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNpc6U51opJOVsjwB87vd4ml2q93MB8GA1UdIwQY
MBaAFEhd22eMTA0MSI79O4NnFCGJ8zWKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0YzYlo0eE1EUXhJanYwN2cyY1VJWW56TllvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iZWIyMDAtZTVkNi00Njk2LWFlMjUt
ZGViZmNkOWViMjBlLzEvMmx6cFRuV2lrazVXeVBBSHp1OTNpYVhhcjNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iZWIyMDAtZTVkNi00Njk2LWFlMjUtZGViZmNkOWViMjBl
LzEvU0YzYlo0eE1EUXhJanYwN2cyY1VJWW56TllvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbesMMA0G
CSqGSIb3DQEBCwUAA4IBAQBPB5pHDiRxefEZyJK17tk7Qvlpn3zzp7K3mXLLVtT4
6jl1j5MznstGLUu5k1xXyul/C6T7QnbAZUmZR2zoy/xGVWY4Zd/QHCaWgEDC6cSU
/qHyMc5lSLQg6MX4r3fSlOG5RYX0K/z1w58jfciyAmwbo9hjc/cJBQfIPPfhFFRf
qa5CJQb+GhoeezGkuIHOXBw0ZanRmVzfrwR6V8AE4wa9woE8CZtcacifz5fXmWJe
lCIZUCj67A6I1V4A3fcNiGzevTgRrdMPRUyHvKBkcvIlDWpLGOa2HgXjpBhD+Zyq
040px9N66romKQ8xSrDYvdepWyhZ+Zdxp2jgl7q2AeIr
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:16:34 2025 by rpki-client